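/**
 * Fetches the user data via adLDAP and stores it in the provided $user.
 *
 * Connects to the directory, authenticates with the username of $user and the
 * credentials carried by $token, then copies display name, GUID, mail, roles
 * and the credential onto $user.
 *
 * @param AdUser|User    $user   User object to populate
 * @param TokenInterface $token  Token whose credentials are used to authenticate
 * @param adLDAP         $adLdap adLDAP client
 * @return bool true when a directory entry was found and copied, false otherwise
 * @throws \Exception when the connection or the authentication did not succeed
 */
public function fetchData(AdUser $user, TokenInterface $token, adLDAP $adLdap)
{
    // Both calls are made before either result is checked, so the error
    // message below can report the two states separately.
    $connected = $adLdap->connect();
    $isAD = $adLdap->authenticate($user->getUsername(), $token->getCredentials());
    if (!$isAD || !$connected) {
        $msg = $this->translator->trans(
            'riper.security.active_directory.ad.bad_response',
            array(
                '%connection_status%' => var_export($connected, true),
                '%is_AD%' => var_export($isAD, true),
            )
        );
        throw new \Exception($msg);
    }

    /** @var adLDAPUserCollection $userCollection */
    $userCollection = $adLdap->user()->infoCollection($user->getUsername(), array('*'));
    if (!$userCollection) {
        return false;
    }

    $groups = $adLdap->user()->groups($user->getUsername(), $this->recursiveGrouproles);
    if (!is_array($groups)) {
        // presumably groups() can return a non-array (e.g. false) when the
        // lookup fails; iterate over nothing instead of raising a warning.
        // TODO confirm against the adLDAP version in use.
        $groups = array();
    }

    // Each distinct group name becomes ROLE_<NAME>: upper-cased, spaces
    // replaced by underscores. The comparison is strict so that two different
    // numeric-looking names are never treated as the same group.
    $sfRoles = array();
    $seenGroups = array();
    foreach ($groups as $group) {
        if (!in_array($group, $seenGroups, true)) {
            $sfRoles[] = 'ROLE_' . strtoupper(str_replace(' ', '_', $group));
            $seenGroups[] = $group;
        }
    }
    $user->setRoles($sfRoles);

    $user->setDisplayName($userCollection->displayName);
    $user->setUuid($adLdap->utilities()->decodeGuid($userCollection->objectguid));
    $user->setEmail($userCollection->mail);

    // NOTE(review): this second setRoles() call follows the group-derived
    // assignment above. If setRoles() replaces rather than merges (its
    // implementation is not visible here), every user ends up with ROLE_USER
    // only and the group lookup is wasted work. Confirm which outcome is
    // intended before changing either call.
    $user->setRoles(['ROLE_USER']);

    // NOTE(review): the credential taken from the token (presumably the
    // cleartext password used to authenticate) is stored on the user object.
    // Confirm it is never persisted, serialized into the session or logged.
    $user->setPassword($token->getCredentials());

    return true;
}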
/**
 * Fetches the user data via adLDAP and stores it in the provided $user.
 *
 * After a successful connect and authenticate, the directory entry's display
 * name, GUID and mail are copied onto $user, roles are assigned, and the user
 * is handed to the user service for saving.
 *
 * @param AdUser|User    $user   User object to populate
 * @param TokenInterface $token  Token whose credentials are used to authenticate
 * @param adLDAP         $adLdap adLDAP client
 * @return bool true when a directory entry was found and saved, false otherwise
 * @throws \Exception when the connection or the authentication did not succeed
 */
public function fetchData(AdUser $user, TokenInterface $token, adLDAP $adLdap)
{
    // Both results are collected first so the error message can report each one.
    $isConnected = $adLdap->connect();
    $isAuthenticated = $adLdap->authenticate($user->getUsername(), $token->getCredentials());

    if (!($isAuthenticated && $isConnected)) {
        $placeholders = [
            '%connection_status%' => var_export($isConnected, 1),
            '%is_AD%' => var_export($isAuthenticated, 1),
        ];
        throw new \Exception(
            $this->translator->trans('riper.security.active_directory.ad.bad_response', $placeholders)
        );
    }

    /** @var adLDAPUserCollection $entry */
    $entry = $adLdap->user()->infoCollection($user->getUsername(), ['*']);
    if (!$entry) {
        return false;
    }

    $user->setDisplayName($entry->displayName);
    $user->setUuid($adLdap->utilities()->decodeGuid($entry->objectguid));
    $user->setEmail($entry->mail);

    // NOTE(review): the credential from the token (presumably the cleartext
    // password used to authenticate) is stored on the user before it is
    // passed to saveLDAPUserData() below. Confirm that service does not
    // persist it as-is.
    $user->setPassword($token->getCredentials());

    // ROLE_ADMIN is granted only when the directory mail attribute matches an
    // entry of the configured admin list exactly (strict, case-sensitive).
    // NOTE(review): mail is a directory attribute that can be edited; confirm
    // who may change it, since it alone decides administrative access here.
    $isAdmin = in_array($entry->mail, $this->config['admin_emails'], true);
    $roles = $isAdmin ? ['ROLE_USER', 'ROLE_ADMIN'] : ['ROLE_USER'];
    $user->setRoles($roles);

    $this->userService->saveLDAPUserData($user);

    return true;
}
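/**
 * Fetches the user data via adLDAP and stores it in the provided $adUser.
 *
 * Connects to the directory, authenticates with the username of $adUser and
 * the credentials carried by $token, then maps the user's groups to roles and
 * copies display name and mail onto $adUser.
 *
 * @param adUser         $adUser User object to populate
 * @param TokenInterface $token  Token whose credentials are used to authenticate
 * @param adLDAP         $adLdap adLDAP client
 * @return bool true when a directory entry was found and copied, false otherwise
 * @throws \Exception when the connection or the authentication did not succeed
 */
public function fetchData(adUser $adUser, TokenInterface $token, adLDAP $adLdap)
{
    // Both calls are made before either result is checked, so the error
    // message below can report the two states separately.
    $connected = $adLdap->connect();
    $isAD = $adLdap->authenticate($adUser->getUsername(), $token->getCredentials());
    if (!$isAD || !$connected) {
        $msg = $this->translator->trans(
            'ztec.security.active_directory.ad.bad_response',
            array(
                '%connection_status%' => var_export($connected, true),
                '%is_AD%' => var_export($isAD, true),
            )
        );
        throw new \Exception($msg);
    }

    /** @var adLDAPUserCollection $user */
    $user = $adLdap->user()->infoCollection($adUser->getUsername());
    if (!$user) {
        // Explicit failure value; the missing-entry path previously fell off
        // the end of the method and returned null.
        return false;
    }

    $groups = $adLdap->user()->groups($adUser->getUsername(), $this->recursiveGrouproles);
    if (!is_array($groups)) {
        // presumably groups() can return a non-array (e.g. false) when the
        // lookup fails; iterate over nothing instead of raising a warning.
        // TODO confirm against the adLDAP version in use.
        $groups = array();
    }

    // Each distinct group name becomes ROLE_<NAME>: upper-cased, spaces
    // replaced by underscores. The comparison is strict so that two different
    // numeric-looking names are never treated as the same group.
    // NOTE(review): every directory group is mapped to a role verbatim, so
    // group naming in the directory decides application privileges. Consider
    // an explicit group-to-role allow-list so only intended groups grant roles.
    $sfRoles = array();
    $seenGroups = array();
    foreach ($groups as $group) {
        if (!in_array($group, $seenGroups, true)) {
            $sfRoles[] = 'ROLE_' . strtoupper(str_replace(' ', '_', $group));
            $seenGroups[] = $group;
        }
    }

    $adUser->setRoles($sfRoles);
    $adUser->setDisplayName($user->displayName);
    $adUser->setEmail($user->mail);

    return true;
}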